package com.glodon.paas.account.web.controller;

import javax.servlet.http.HttpServletRequest;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;

import com.glodon.paas.account.api.bean.AccountConstant;
import com.glodon.paas.account.api.bean.User;
import com.glodon.paas.account.service.PasswordService;
import com.glodon.paas.account.service.UserService;
import com.glodon.paas.account.web.util.SecurityUtils;
import com.glodon.paas.consts.StringConst;
import com.glodon.paas.exception.PaasServerExceptionFactory;

/**
 * @author guojf
 */
@Controller
@RequestMapping("/")
public class PasswordController {
	public static final Logger LOGGER = LoggerFactory.getLogger(PasswordController.class);
	@Autowired
	private PasswordService passwordService;
	@Autowired
	private UserService userService;

	@RequestMapping(value = "/resetPassword", method = RequestMethod.POST)
	public void resetPassword(
			@RequestParam("opassword") String oldPw,
			@RequestParam("npassword") String newPw, 
			ModelMap model){
		//String encodeOldPw = md5PasswordEncoder.encodePassword(oldPw, null);
		//String encodeNewPw = md5PasswordEncoder.encodePassword(newPw, null);
		//passwordService.resetPassword(SecurityUtils.getCurrentUser().getId(), encodeOldPw, encodeNewPw);
		passwordService.resetPassword(SecurityUtils.getCurrentUser().getId(), newPw, oldPw, AccountConstant.AUTHORIZATION_TYPE_PWD);
		model.addAttribute(StringConst.RESULT, StringConst.TRUE);
	}

	@RequestMapping(value = "/emailResetPasswordLink")
	public void emailResetPasswordLink(String email, ModelMap model, HttpServletRequest request) {
		StringBuilder sb = new StringBuilder();
		sb.append(request.getScheme()).append("://");
		sb.append(request.getServerName());
		if (request.getServerPort() != 80) {
			sb.append(":").append(request.getServerPort());
		}
		sb.append(request.getContextPath());
		passwordService.emailResetPasswordLink(email, sb.toString());
		model.addAttribute(StringConst.RESULT, StringConst.TRUE);
	}

	@RequestMapping(value = "/validateResetPasswordLink")
	public String validateResetPasswordLink(String email, long time, String token, HttpServletRequest request, ModelMap model){
		passwordService.validateResetPasswordLink(email, time, token);
		request.getSession().setAttribute("email", email);
		return "forgetPassword";
	}

	//TODO 直接提交 该地址，密码 有可能被修改。安全性，需要测试
	@RequestMapping(value = "/changePassword", method = RequestMethod.POST)
	public void changePassword(String npassword, HttpServletRequest request,ModelMap model) {
		String email = (String) request.getSession().getAttribute("email");
		if (email == null) {
			throw PaasServerExceptionFactory.validateException("email is empty", null);
		}
		User dbUser = userService.getUserByAccountName(email, AccountConstant.ACCOUNT_NAME_EMAIL,AccountConstant.USER_STATUS_ACTIVE);
		if (dbUser != null) {
			//passwordService.setPassword(dbUser.getId(), md5PasswordEncoder.encodePassword(npassword, null));
			passwordService.resetPassword(dbUser.getId(), npassword, null, AccountConstant.AUTHORIZATION_TYPE_SYS);
			model.addAttribute(StringConst.RESULT, StringConst.TRUE);
			return;
		}
		model.addAttribute(StringConst.RESULT, StringConst.FALSE);
	}
}
